-
Posts
38,068 -
Joined
-
Last visited
-
Days Won
1,509
Everything posted by Marcos
-
I overlooked the information that it was found in an xpi file. It's unlikely to be a false positive, however, @portman please submit the xpi file to ESET for further analysis to confirm the detection. For instructions, read https://support.eset.com/kb141.
-
how to identify a web virus if only eset is triggered ?
Marcos replied to Rémi's topic in Malware Finding and Cleaning
There is a malicious js that ESET detects as JS/Agent.NYX and which caused blocking of the domain. -
Eset security and driver esay ?
Marcos replied to mohammad51's topic in Malware Finding and Cleaning
If you are sure that ESET is causing the issue, did you try temporarily uninstalling it so as not to blame the innocent? -
First of all, we kindly ask you to not steal someone else's topic but instead create a new one next time. The Malware Finding and Cleaning forum is intended for queries like yours. To answer your question, the website appears to have been compromised. An administrator should clean it and take measures to prevent further re-infection.
-
Eset security and driver esay ?
Marcos replied to mohammad51's topic in Malware Finding and Cleaning
I recall it's detected as a potentially unwanted application. Does temporarily pausing protection make a difference? -
Outlook not synchronising after deploying EES
Marcos replied to ShaneDT's topic in ESET PROTECT On-prem (Remote Management)
I would recommend contacting customer care and creating a support ticket so that the issue is properly tracked and investigated. They should provide you with a logging version of the Outlook plug-in and subsequently pass the logs to developers for perusal. -
Please gather all logs with ELC. The Detected threats log is empty. The sample that was used to create a detection was dropped by an InnoSetup installer so it's likely it was installed with some programs on your machine. You are right, ESET appears to be the only AV to detect it which is a good example of how well ESET protects users from threats that are missed also by AVs with 100% detection in tests.
-
Please report incorrectly blocked websites as per https://support.eset.com/kb141. It's possible that the website was compromised in the past and has been cleaned in the mean time.
-
Please post the appropriate records from the Detected threats log.
-
That would happen if a process accessed the web cam while the system is starting and the device control has not been fully initialized yet. The issue is being investigated and hope there could me more information available on this within the next few days. It also appears it has something to do with processes running in the local system account.
-
I'd suggest contacting your local customer care. After entering a license key no further user information is requested unless you activate a trial version.
-
Collect Device Control Logs in ERA
Marcos replied to Roy's topic in ESET PROTECT On-prem (Remote Management)
My fault, I actually meant logging severity. -
It depends. Some licenses may be locked down to a specific country.
-
This is beyond the scope of support here but you can find many guidelines on the Internet how to create one, e.g. at https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl, https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs and many others.
-
Collect Device Control Logs in ERA
Marcos replied to Roy's topic in ESET PROTECT On-prem (Remote Management)
Changing the logging verbosity to warnings in rules that you want to have reported to ESMC when applied should do the trick. -
ERA Agent Version 6 to version 7 Upgrade
Marcos replied to Andrew26's topic in ESET PROTECT On-prem (Remote Management)
Agent 6.x can communicate with ECMS, however, agent v7 cannot communicate with ERA. After upgrading from ERA to ECMS, send an ECMS upgrade component task to machines to upgrade the agent. -
I take liberty to correct you - it's Windows 10 October 2018 Update (aka RedStone 5). Versions 10.1 and newer fully support it.
-
Please submit the suspicious attachment (ideally the whole email in the eml or msg format) to samples@eset.com in an archive protected with the password "infected". If it's a new macro malware, using ESET Dynamic Threat Defense would likely improve the response and you'd get it detected quicker without waiting for the next engine module update.
-
Need help activating the product which i bought
Marcos replied to Grey Crimson's topic in ESET NOD32 Antivirus
ACT.0 may be a temporary overload of activation servers, however, we haven't observed any issues with them recently. Please contact your local customer care.